Opened 11 years ago

Closed 9 years ago

#1014 closed enhancement (fixed)

Configurable cipher type/list setting in SIP transport TLS (thanks Tal Fromm for the suggestion)

Reported by: nanang Owned by: bennylp
Priority: normal Milestone: release-1.14
Component: pjsip Version: 1.x-branch
Keywords: Cc:
Backport to 1.x milestone: Backported:

Description (last modified by nanang)

Configuring cipher-suites can be useful in controlling security level, e.g: omitting cipher-suites with anonymous communication is recommended to prevent man-in-the-middle attacks.

Currently, ciphers preference and the order is configurable in PJLIB level, but not in PJSIP TLS transport.

Attachments (2)

1014-key_uses_cipher_code.diff (22.9 KB) - added by nanang 10 years ago.
implementation with cipher code as key, also has cipher names table
1014-key_uses_cipher_index.diff (46.1 KB) - added by nanang 10 years ago.
implementation with cipher index as key

Download all attachments as: .zip

Change History (7)

comment:1 Changed 11 years ago by bennylp

  • Milestone changed from release-1.6 to release-1.7

comment:2 Changed 10 years ago by nanang

  • Description modified (diff)

Configuring cipher-suites can be useful in controlling security level, e.g: omitting cipher-suites with anonymous communication is recommended to prevent man-in-the-middle attacks.

Currently, ciphers preference and the order is configurable in PJLIB level, but not in PJSIP TLS transport.

Changed 10 years ago by nanang

implementation with cipher code as key, also has cipher names table

Changed 10 years ago by nanang

implementation with cipher index as key

comment:3 Changed 10 years ago by nanang

  • Description modified (diff)
  • Milestone changed from release-1.7 to Known-Issues-and-Ideas

comment:4 Changed 9 years ago by nanang

  • Milestone changed from Known-Issues-and-Ideas to release-1.14
  • Version changed from trunk to 1.x-branch

comment:5 Changed 9 years ago by nanang

  • Resolution set to fixed
  • Status changed from new to closed

(In [3942]) Close #1014:

  • Added configurable ciphers setting in SIP TLS transport and pjsua app.
  • Added API pj_ssl_cipher_is_supported().
Note: See TracTickets for help on using tickets.